Configure Apple MDM

201 views October 2, 2018 August 11, 2020 0

Overview

Caution! If you want to renew your Apple Push certificate, please follow the procedure described in the Renew certificate section.

If you want to use Cortado MDM for a proof-of-concept, you don’t need to complete any further configuration steps and can get started right away. All the required certificates are already loaded. In a productive environment however, or an environment with more elevated  security standards, we recommend that you undertake the following steps.

You need two certificates for the Apple MDM :

Request and upload your own Apple Push certificate

Mobile Device Management on iOS devices requires the Apple push certificate, already provided by Apple. If a connection to an Apple device needs to be set up via the Management Console, Cortado sends a corresponding message to the device over the Apple Push Notification Service (APNS) which prompts it to log in to Cortado MDM. So no information is transmitted. The Apple Push Noti­fication Service only wakes the device from hibernation, so that it can be logged on to Cortado MDM. All configuration information, settings and requests go via an (encrypted) SSL connection directly from the management console to the Apple devices.

By default, there is an Apple push certificate already stored in the Corado Management Console. Therefore, the steps described below are only required if your organization wants to use it’s own Apple push certificate.

Requesting and installing an certificate

Before you can request a certificate from Apple, you first have to run a Certificate Signing Request (CSR).

  • For CSR, select in the Management Console: Control Panel→ Certificate.

Certificates auswählen

  • Under Apple Push Certificate click on Generate Certificate Request (arrow in illus.).
Requesting a certificate

Requesting a certificate

Note! To renew the certificate not use the button Generate Certificate Request. Otherwise you will generate a new certificate which has to be distributed to all users again.

  • Fill out the form and confirm with OK.
Fill out the request form

Fill out the request form

  • Click Download Certificate Request to save the certificate request (arrow in the illus.).
Saving the certificate request

Saving the certificate request

The CSR file will be saved.

Saved certificate request

Saved certificate request

login with Cortado ID or register new

login with Cortado ID or register new

  • Upload the certificate request (CSR) now under Upload CRS on the signing website.

  • In step 2 you can download the signed certificate request (CSR).

Signed certificate request received

Signed certificate request received

  • Click on Create a Certificate (arrow in illus.).

Note! If you would like to renew an existing certificate, then select your certificate instead and click Renew.

Create a certificate by using the request

Create a certificate by using the request

  •  Select your signed certificate request, and upload it .
Uploading a Cortado-signed certificate request

Uploading a Cortado-signed certificate request

  • Shortly after, you can download your certificate in .pem format (arrow in illus.).
Downloading the certificate

Downloading the certificate

 Push certificate downloaded from the Apple website

Push certificate downloaded from the Apple website

  • Using Upload Apple Certificate you can now upload your certificate.
Loading the Apple Push certificate

Loading the Apple Push certificate

Select certificate

Select certificate

Export and import certificate

  • Save a backup of the certificate in .pfx format with Export Apple Push Certificate (arrow in illus.).
  • With this version of the certificate, you can avoid future need for the procedure described above.
Installed push certificate – save backup copy

Installed push certificate – save backup copy

  • Enter a certificate password and confirm.
enter certificate password

enter certificate password

  • Using Import Apple Push Certificate you can install it again anytime.
  • Select the certificate with Choose Certificate and enter the password.
Upload a backup copy of your Apple Push certificate

Upload a backup copy of your Apple Push certificate

Renew certificate

The Apple Push certificate is valid for one year (left arrow in illus.).

  •  If you would like to extend it beyond that, tap on Renew Apple Certificate under Control Panel→ Certifi­cates→ Apple Push Certificate (right arrow in illus.).
Renew Apple Push certificates

Renew Apple Push certificates

  • Then proceed as described above.

The renewed certificate must not be assigned again on the users’ devices.

Was this helpful?